[DOCS] Move horizon docs to roles

This change moves the horizon config information into the
os_horizon role repo. Moving forward, specific project
configurations are maintained in the appropriate role book.

Change-Id: Ic0b1599aee659f47128aa50f367164b64353556a

README.rst

@@ -1,77 +1,8 @@
+=========================
 OpenStack-Ansible Horizon
-#########################
+=========================
 
 This Ansible role installs and configures OpenStack Horizon served by the
 Apache webserver. Horizon is configured to use Galera for session caching and
 memcached for other caching.
 
-Default Variables
-=================
-
-.. literalinclude:: ../../defaults/main.yml
-   :language: yaml
-   :start-after: under the License.
-
-
-Required Variables
-==================
-
-This list is not exhaustive at present. See role internals for further
-details.
-
-.. code-block:: yaml
-
-      horizon_ssl_protocol: "ALL -SSLv2 -SSLv3"
-      horizon_ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
-      horizon_galera_address: 10.100.100.101
-      horizon_container_mysql_password: "SuperSecrete"
-      horizon_secret_key: "SuperSecreteHorizonKey"
-
-
-Example Playbook
-================
-
-.. code-block:: yaml
-
-    - name: Installation and setup of horizon
-      hosts: horizon_all
-      user: root
-      roles:
-        - { role: "os_horizon", tags: [ "os-horizon" ] }
-      vars:
-        galera_client_drop_config_file: false
-        external_lb_vip_address: 10.100.100.101
-        internal_lb_vip_address: 10.100.100.101
-        horizon_galera_address: 10.100.100.101
-        horizon_container_mysql_password: "SuperSecrete"
-        horizon_secret_key: "SuperSecreteHorizonKey"
-        horizon_external_ssl: true
-        horizon_ssl_protocol: "ALL -SSLv2 -SSLv3"
-        horizon_ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
-        galera_root_password: "secrete"
-        rabbitmq_servers: 10.100.100.101
-        rabbitmq_use_ssl: false
-        rabbitmq_port: 5671
-        keystone_admin_user_name: admin
-        keystone_auth_admin_password: "SuperSecretePassword"
-        keystone_admin_tenant_name: admin
-        keystone_service_adminuri_insecure: false
-        keystone_service_internaluri_insecure: false
-        keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000"
-        keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3"
-        keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357"
-        keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"
-        openrc_os_password: "{{ keystone_auth_admin_password }}"
-        openrc_os_domain_name: "Default"
-        memcached_servers: 10.100.100.101
-        memcached_encryption_key: "secrete"
-
-Tags
-====
-
-This role supports two tags: ``horizon-install`` and ``horizon-config``
-
-The ``horizon-install`` tag can be used to install and upgrade.
-
-The ``horizon-config`` tag can be used to manage configuration.
-

doc/source/configure-horizon.rst

@@ -0,0 +1,31 @@
+==============================================
+Configuring the Dashboard (horizon) (optional)
+==============================================
+
+Customize your horizon deployment in
+``/etc/openstack_deploy/user_variables.yml``.
+
+Securing horizon communication with SSL certificates
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The OpenStack-Ansible project provides the ability to secure Dashboard
+(horizon) communications with self-signed or user-provided SSL certificates.
+
+Refer to `Securing services with SSL certificates`_ for available configuration
+options.
+
+.. _Securing services with SSL certificates: http://docs.openstack.org/developer/openstack-ansible/install-guide/configure-sslcertificates.html
+
+Configuring a horizon customization module
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Openstack-Ansible supports deployment of a horizon `customization module`_.
+After building your customization module, configure the
+``horizon_customization_module`` variable with a path to your module.
+
+.. code-block:: yaml
+
+   horizon_customization_module: /path/to/customization_module.py
+
+.. _customization module: http://docs.openstack.org/developer/horizon/topics/customizing.html#horizon-customization-module-overrides
+

doc/source/index.rst

@@ -1 +1,51 @@
-.. include:: ../../README.rst
+=========================
+OpenStack-Ansible Horizon
+=========================
+
+.. toctree::
+   :maxdepth: 2
+
+   configure-horizon.rst
+
+This Ansible role installs and configures OpenStack Horizon served by the
+Apache webserver. Horizon is configured to use Galera for session caching and
+memcached for other caching.
+
+Default variables
+~~~~~~~~~~~~~~~~~
+
+.. literalinclude:: ../../defaults/main.yml
+   :language: yaml
+   :start-after: under the License.
+
+
+Required variables
+~~~~~~~~~~~~~~~~~~
+
+This list is not exhaustive. See role internals for further
+details.
+
+.. code-block:: yaml
+
+      horizon_ssl_protocol: "ALL -SSLv2 -SSLv3"
+      horizon_ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
+      horizon_galera_address: 10.100.100.101
+      horizon_container_mysql_password: "SuperSecrete"
+      horizon_secret_key: "SuperSecreteHorizonKey"
+
+
+Example playbook
+~~~~~~~~~~~~~~~~
+
+.. literalinclude:: ../../examples/playbook.yml
+   :language: yaml
+
+Tags
+====
+
+This role supports two tags: ``horizon-install`` and ``horizon-config``.
+
+The ``horizon-install`` tag can be used to install and upgrade.
+
+The ``horizon-config`` tag can be used to manage configuration.
+

examples/playbook.yml

@@ -0,0 +1,32 @@
+- name: Installation and setup of horizon
+  hosts: horizon_all
+  user: root
+  roles:
+    - { role: "os_horizon", tags: [ "os-horizon" ] }
+  vars:
+    galera_client_drop_config_file: false
+    external_lb_vip_address: 10.100.100.101
+    internal_lb_vip_address: 10.100.100.101
+    horizon_galera_address: 10.100.100.101
+    horizon_container_mysql_password: "SuperSecrete"
+    horizon_secret_key: "SuperSecreteHorizonKey"
+    horizon_external_ssl: true
+    horizon_ssl_protocol: "ALL -SSLv2 -SSLv3"
+    horizon_ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
+    galera_root_password: "secrete"
+    rabbitmq_servers: 10.100.100.101
+    rabbitmq_use_ssl: false
+    rabbitmq_port: 5671
+    keystone_admin_user_name: admin
+    keystone_auth_admin_password: "SuperSecretePassword"
+    keystone_admin_tenant_name: admin
+    keystone_service_adminuri_insecure: false
+    keystone_service_internaluri_insecure: false
+    keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000"
+    keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3"
+    keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357"
+    keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"
+    openrc_os_password: "{{ keystone_auth_admin_password }}"
+    openrc_os_domain_name: "Default"
+    memcached_servers: 10.100.100.101
+    memcached_encryption_key: "secrete"